v 2.6.9.10=============================================================x Fixed regression: permanently allow a web site erasing temporary whitelist items (thanks smersh for reporting)x Fixed private windows detection for UI adaptation broken in SeaMonkey (thanks barbaz for reporting)x Made the Permanent "allow" commands in private windows' checkbox look and behave like the other options in the "Appearance" tab, i.e. controlling the visibility of the menu item by the same name

v 2.6.9.7=============================================================x Fixed inconsistencies in the globalHttpsWhitelist option implementation (thanks Mike Perry for reporting)+ Volatile temporary whitelist, never gets saved to disk (thanks to Tor Project for sponsorship)+ Never show permanent whitelist modifying commands when in private mode, unless the noscript.volatilePrivatePermissions preference is false (thanks to Tor Project for sponsorship)+ noscript.allowWhitelistUpdate preference to control whether NoScript should be able to tweak the whitelist on version updates when the 3rd party requirements for an already whitelisted website change (thanks Thencent for RFE)

v 2.6.8.37=========================================================================x Made the new additional script blocking policies more consistent with other features (e.g. the XSS filter)x NoScript's toolbar button is now friendlier to other Australis-enabled add-onsx Work-around for Firefox's Bug 1044351 (thanks al_9x for RFE)x [XSS] Support for new insidious ES6 constructs introduced in Firefox 34 (thanks .mario for reporting)x [HTTPS] Experimental "Allow HTTPS scripts globally on HTTPS documents" modex [Surrogate] Yahoo! "DARLA" ads loader post-execution surrogate prevents the browser from stalling due to the many window.name-based XSSes intentionally used by this ads delivery script

v 2.6.8.35=========================================================================x Improved compatibility with browser built-in Click To Play + Recently blocked sites are now recorded per-window (causing automatic oblivion of data from Private Browsing windows when they're closed)+ Recently blocked sites are not collected at all unless the menu item is configured to be shown (thanks Barbaz for RFE and patch)

v 2.6.8.27=========================================================================x Work-around for bug 1005552 (backport to ESR)+ [Surrogate] External script surrogates are now triggered whenever a matching script fails to load, no matter the reason, e.g. NoScript permissions, ABE, ABP or RequestPolicy (thanks bonanza for RFE)x [XSS] Worked around OpenID-related false positive (thanks Gunnar for reporting)x [XSS] Better work around for false positive in gmx.com new webmail, designed to work across all its implementations